Does QualysGuard check on BREACH vulnerability in compressed HTTPS at all? I was not able to find it.
The problem with BREACH is that it's not mitigated at the SSL level, it's mitigated at the application layer. That makes it near impossible to detect in any automated fashion. For example, if you're a Rails user, there is a mitigation within the rails framework.
Retrieving data ...